5 matches found
Debian Security Advisory DSA 968-1 (noweb)
The remote host is missing an update to noweb announced via advisory DSA 968-1. Javier Fernández-Sanguino Peña from the Debian Security Audit project discovered that a script in noweb, a web like literate-programming tool, creates a temporary file in an insecure fashion. For the old stable...
[SECURITY] [DSA 968-1] New noweb packages fix insecure temporary file creation
-------------------------------------------------------------------------- Debian Security Advisory DSA 968-1 [email protected] http://www.debian.org/security/ Martin Schulze February 13th, 2006 http://www.debian.org/security/faq -...
[Full-disclosure] [SECURITY] [DSA 968-1] New noweb packages fix insecure temporary file creation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 968-1 [email protected] http://www.debian.org/security/ Martin Schulze February 13th, 2006 http://www.debian.org/security/faq -...
CVE-2005-3342
noweb 2.10c and earlier allows local users to overwrite arbitrary files via symlink attacks on temporary files in 1 lib/toascii.nw and 2 shell/roff.mm...
CVE-2005-3342
noweb 2.10c and earlier allows local users to overwrite arbitrary files via symlink attacks on temporary files in 1 lib/toascii.nw and 2 shell/roff.mm...